PT-2018-1599 · Intel · Intel Computing Improvement Program

Published

2018-09-11

Updated

2019-10-03

CVE-2018-12168

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Intel Computing Improvement Program versions prior to 2.2.0.03942

Description The issue is related to privilege escalation in file permissions, potentially allowing an authenticated user to execute code as an administrator via local access. It is caused by errors in privilege management, which may enable an attacker to run arbitrary code with administrator privileges.

Recommendations For versions prior to 2.2.0.03942, update to version 2.2.0.03942 or later to resolve the issue.

Fix

Incorrect Permission

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732CWE-269

Related Identifiers

BDU:2018-01156

CVE-2018-12168

Affected Products

Intel Computing Improvement Program

PT-2018-1599 · Intel · Intel Computing Improvement Program

CVE-2018-12168

Weakness Enumeration

Related Identifiers

Affected Products

References · 5